NCSC Features
Matthew Halvorsen, Strategic Program Director for NCSC’s Supply Chain and Cyber Directorate, recently sat down with Gregory Garcia, the Executive Director for Cybersecurity of the Health Sector Coordinating Council, for an audio interview on current threats to the health care sector. The discussion focused on cyber and supply chain threats, including ransomware, nation-state targeting of COVID-19 research, and other current topics.
This episode is the first in a series of interviews with experts and practitioners from government, industry, research and academia to spotlight threats to key U.S. supply chains and highlight mitigation.
- Check out NCSC’s first podcast interview, click here
- For a transcript of the interview, click here
Guest Speaker
Greg Garcia is the Executive Director for Cybersecurity of the Health Sector Coordinating Council, the convening organization for critical healthcare infrastructure organizations working in partnership with HHS and other government agencies to protect the security and resilience of the sector, patient safety and public health.
Greg was the nation's first DHS Assistant Secretary for Cybersecurity and Communications under President George W. Bush, 2006-09, where among other achievements he initiated the creation of the National Cyber and Communications Integration Center (NCCIC). He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held executive positions with Bank of America, 3Com Corporation, and the Information Technology Association of America.
Greg also served as professional staff on the Committee on Science in the U.S. House of Representatives, where he helped draft and shepherd enactment of the Cyber Security Research and Development Act of 2002.
“Securing our election requires a whole-of-society approach. Every American has a role to play, especially since the American voter is the primary target of foreign influence and disinformation efforts. The women and men of the Intelligence Community will continue to be vigilant in protecting America, but we need your participation in this effort. As Americans, we are all in this together. I encourage you to stay informed and vote! By doing so, you'll not only help protect our elections, but also send a clear message to our adversaries. We decide who our elected officials are.”
— NCSC Director Bill Evanina
On October 6 2020, NCSC Director Bill Evanina, FBI Director Chris Wray, NSA Director Paul Nakasone, and CISA Director Chris Krebs released a Public Service Announcement on the security of the upcoming 2020 election. Click here to watch the video on YouTube.
7 August 2020: Statement by NCSC Director William Evanina: Election Threat Update for the American Public
28 July 2020: Statement by NCSC Director William Evanina: 100 Days Until Election 2020
26 August 2020 NCSC Safeguarding Our Election bulletin: Foreign Adversaries Could Use Deepfakes to Influence U.S. Elections
20 August 2020 NCSC Safeguarding Our Election bulletin: Foreign Adversaries are Targeting U.S. Elections with Disinformation
22 October 2020: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets
22 October 2020: Iranian State-Sponsored Advanced Persistent Threat Actors Threaten Election-Related Systems
02 October 2020: Spoofed Internet Domains and Email Accounts Pose Cyber and Disinformation Risks to Voters
01 October 2020: Foreign Actors Likely to Use Online Journals to Spread Disinformation Regarding 2020 Elections
30 September 2020: Distributed Denial of Service Attacks Could Hinder Access to Voting Information, Would Not Prevent Voting
28 September 2020: False Claims of Hacked Voter Information Likely Intended to Cast Doubt on Legitimacy of U.S. Elections
24 September: Cyber Threats to Voting Processes Could Slow But Not Prevent Voting
22 September 2020 Foreign Actors and Cybercriminals Likely to Spread Disinformation Regarding 2020 Election Results
Election Security Information Needs — NCSC
NCSC’s informational brochure on foreign threats to U.S. elections and the potential activities that foreign adversaries can undertake to undermine election security.
ODNI collaborates with federal departments and agencies, state and local government, election officials and other valued partners to help protect our elections and maintain transparency with the American public about our efforts.
Protected Voices – FBI
The Protected Voices initiative provides tools and resources to political campaigns, companies and individuals to protect against online foreign operations and cyber threats.
Election Security – DHS
Department of Homeland Security resources on election security, infrastructure and services.
Election Security – CISA
Cybersecurity and Infrastructure Security Agency resources on election infrastructure security and election risk management.
#TrustedInfo2020 – National Association of Secretaries of State
The #TrustedInfo2020 education initiative is a collaborative effort from the country’s Secretaries of State, along with other state and local election officials, who hope to inform the public of trusted sources of election information.
Elections and COVID-19 — U.S. Election Assistance Commission
Resources for voters and election officials related to COVID-19, education and training.
The Executive Director of the National Counterintelligence and Security Center has issued her letter of endorsement for the fifth annual National Insider Threat Awareness Month in September 2023. Please join us during September to emphasize the importance of safeguarding our nation by detecting, deterring, and mitigating insider threats. If you would like to increase awareness in your workforce, visit the National Insider Threat Awareness Month website to learn more about the serious risks posed by insider threats and how to recognize and report anomalous/threatening activities to enable early intervention. The web page of the National Insider Threat Task Force also has resources available.
Do you want to connect? Understand that foreign intelligence entities and criminals routinely use deception on social media platforms to try and connect with people who have access to information they want. Before you link online with someone you don’t know, think about the risks it may pose to yourself, your family, your organization and even national security.
The “Nevernight Connection”
The FBI and the National Counterintelligence and Security Center (NCSC) have released a new movie, “The Nevernight Connection,” to raise awareness of how hostile actors use fake profiles and other forms of deception on social media to target individuals in government, business and academic communities for recruitment and information gathering.
Inspired by true events, the 30-minute video details the fictional account of a former U.S. Intelligence Community official targeted by a foreign intelligence service via a fake profile on a professional networking site and recruited to turn over classified information.
The Threat
On professional networking sites and other social media platforms, hostile actors routinely pose as headhunters, interested employers or people with enticing career opportunities in order to connect and develop relationships with people who have access to valuable information.
Over time, they attempt to elicit information from their targets, including about their work and contacts. In some cases, promising targets are offered all-expense-paid trips overseas for meetings or presentations, where they are pressured to turn over more information. Some foreign intelligence services are doing this on a mass scale, targeting thousands of people globally via social media.
While current and former government employees are at risk from these schemes, individuals in the private sector and academic and research communities are also being targeted this way by hostile actors seeking to acquire trade secrets, proprietary data and information about cutting-edge research and technology.
Mitigation
At a minimum, the NCSC and FBI encourage the public to practice basic cyber hygiene when receiving an invitation to connect via social media.
- Never accept an invitation to connect from someone you do not know, even if they are a friend of a friend
- If possible, validate invitation requests through other means before accepting them
- Exercise caution when posting information about yourself, your job and contacts on social media, as it could draw unwanted attention from adversaries and criminals
- Report suspicious online approaches to appropriate authorities
Additional Resources
U.K. Centre for the Protection of National Infrastructure (CPNI)
- “Think Before You Link” — These CPNI materials provide advice on how to recognize malicious online profiles, realize the threat they pose, respond appropriately and minimize the risk of being targeted in the first place
- “Glitch” — This CPNI video identifies how hostile actors use professional networking sites to build relationships with targets and attempt to access sensitive information
National Counterintelligence and Security Center (NCSC)
- “Know the Risk: Raise Your Shield” — Video on social media deception
- “Don’t Be This Guy” — Additional video on social media deception
- “Social Media Deception” — Additional video on social media deception
- NCSC Social Media Deception poster and infographic
- NCSC Social Engineering poster and infographic
These unclassified, "Safeguarding Our Future " bulletins provide a brief overview of a specific foreign intelligence threat, as well as impacts of that threat and steps for mitigation.
12 October 2023 NCSC / FBI Safeguarding Our Future bulletin – Russian Intelligence Poses a Persistent Threat to the United States
11 October 2023 NCSC Brochure – Enterprise Risk Mitigation Blueprint for Non-Intelligence Agencies
18 August 2023 NCSC / FBI / Air Force Office of Special Investigations bulletin – Safeguarding the U.S. Space Industry
30 June 2023 NCSC Safeguarding Our Future bulletin – U.S. Business Risk: People’s Republic of China (PRC) Laws Expand Beijing’s Oversight of Foreign and Domestic Companies
28 March 2023 NCSC / FBI Safeguarding the Public bulletin – Don't Be a Pawn of Repressive Foreign Governments
- Arabic -- Don't Be a Pawn of Repressive Foreign Governments
- Chinese (simplified)-- Don't Be a Pawn of Repressive Foreign Governments
- Chinese (traditional)-- Don't Be a Pawn of Repressive Foreign Governments
- Farsi -- Don't Be a Pawn of Repressive Foreign Governments
- Russian -- Don't Be a Pawn of Repressive Foreign Governments
- Spanish -- Don't Be a Pawn of Repressive Foreign Governments
- Turkish -- Don't Be a Pawn of Repressive Foreign Governments
- Korean -- Don't Be a Pawn of Repressive Foreign Governments
- French -- Don't Be a Pawn of Repressive Foreign Governments
- Urdu -- Don't Be a Pawn of Repressive Foreign Governments
- Uyghur -- Don't Be a Pawn of Repressive Foreign Governments
2 November 2022 NCSC Safeguarding Our Future bulletin – Virtual Telework Platforms: Strengthen Your Posture to Guard Your Data
14 September 2022 NCSC Fact Sheet – Foreign Collection Methods: Indicators and Countermeasures
6 July 2022 NCSC Safeguarding Our Future bulletin – Protecting Government and Business Leaders at the U.S. State and Local Level from People’s Republic of China (PRC) Influence Operations
25 May 2022 NCSC Safeguarding the Public bulletin – Pro-Ukraine Individuals and Businesses at Increased Risk for Online Russian Influence and Surveillance Campaigns
31 January 2022 NCSC Safeguarding Our Future bulletin – Protecting Personal Health Data from Foreign Exploitation
7 January 2022 NCSC / State Department bulletin – Protect Yourself: Commercial Surveillance Tools
14 December 2021 NCSC Fact Sheet – Protect Your Organization from the Foreign Intelligence Threat
22 October 2021 NCSC Fact Sheet – Protecting Critical and Emerging U.S. Technologies from Foreign Threats
18 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin -- HAFNIUM Compromises MS Exchange Servers
13 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin – Kaseya VSA Supply Chain Ransomware Attack
5 October 2021 NCSC / Office of the Cyber Executive Safeguarding Our Future bulletin – SolarWinds Orion Software Supply Chain Attack
8 April 2021 FBI/NCSC Safeguarding Our Future bulletin – Secure America’s Future in Quantum: Protect Your Research
1 February 2021 NCSC Fact Sheet -- China’s Collection of Genomic and other Healthcare Data from America: Risks to Privacy and U.S. Economic and National Security
26 August 2020 NCSC Safeguarding Our Election bulletin -- Foreign Adversaries Could Use Deepfakes to Influence U.S. Elections
20 August 2020 NCSC Safeguarding Our Election bulletin -- Foreign Adversaries are Targeting U.S. Elections with Disinformation
13 August 2020 NCSC Safeguarding Our Future bulletin -- Keep the Healthcare and Public Health Sector Supply Chain Safe
23 July 2020 NCSC Safeguarding Our Future bulletin -- Prevent Foreign Governments from Undermining Our Public Health through Disinformation
6 July 2020 NCSC Safeguarding Our Future bulletin -- Virtual Telework Platforms – Protect Your Company Information
25 June 2020 NCSC Safeguarding Our Future bulletin -- Protect your organization's crown jewels
19 June 2020 NCSC Safeguarding Our Future bulletin -- Beware of foreign gifts with strings attached
10 June 2020 NCSC Safeguarding Our Future bulletin -- Don't let foreign actors hijack your research!
27 May 2020 NCSC Safeguarding Our Future bulletin -- Would you want a foreign government to have your DNA?
Check back for more bulletins coming in the future!
Below are links to the press release, executive summary, and National Counterintelligence Strategy of the United States 2020-2022
- The Press Release (PDF)
- The Executive Summary of the National CI Strategy (PDF)
- The National CI Strategy (PDF)
